RHEL or Centos: What is umask in linux and how to set/change it ?

Today we will look: what is meant by umask in linux and how to set it to change default permissions for files and directories in Linux.

For this article to understand, it is a pre-requisite that you know about the linux permissions i.e.:
r- For read – Corresponds to numeric number 4
w – For write- Corresponds to numeric number 2
x- For execution- Corresponds to numeric number 1

And cumulative it is referred to as rwx(i.e. 7 in numeric).

What is execute permission on a directory or a file ?
For directories, the execute permission means we can enter into the directory, however for files it means we can execute the file, for example:- a script/ or binary executable. Hence by default the files have permission 644(6-read-write for owner, 4-read for group, and 4-readable by others), however for directory it is 755.

Now lets come to our topic i.e. umask.

What is Umask ?
Umask refers to the user mask.

User Mask or User file creation MASK decides the default permissions or base permissions given whenever a new file (or directory) is created on Linux. By default, umask is set to 022 (0022) as default UMASK.

Permissions with UMASK 022
When we have default 022 umask and a new file/directory is created, it is given below permission:
1. For files: 666 – umask(022) = 644 (rw-r-r)
2. For directories: 777 – umask(022) = 755 (rwx-rx-rx)

In actual, the permission is NOT(UMASK) i.e. NOT(022) = (755 for directory inode, and 644 for file inode).
However for the sake of learning we learn like 777-umask which also gives correct result.

How to check current umask on the Linux system ?
To check the current umask effective in your session, you can run umask command to check its value.

[root@nglinux ~]# umask

### Now lets create a file and directory.
[root@nglinux ~]# touch file1
[root@nglinux ~]# mkdir dir1

### Now check the default permissions.
[root@nglinux ~]# ls -ld file1 dir1
drwxr-xr-x. 2 root root 4096 Jan  9 21:05 dir1
-rw-r--r--. 1 root root    0 Jan  9 21:05 file1
[root@nglinux ~]# 

How to change umask value ?
To change umask value, we can use umask command followed by umask new value.

[root@nglinux ~]# umask 444
[root@nglinux ~]# umask

### Check the permission after changing umask.
[root@nglinux ~]# touch file2 dir2
[root@nglinux ~]# ls -ld file2 dir2
--w--w--w-. 1 root root 0 Jan  9 21:07 dir2
--w--w--w-. 1 root root 0 Jan  9 21:07 file2
[root@nglinux ~]# 

We have changed the umask in current session, however when we open new session the umask will be same 022.
To make the umask changes persistent, we can follow next step.

Making umask value persistent
To change the umask value permanently, we can add this command in any of the profile file(s).

To change for a particular user, we can add the command to ~/.profile or ~/.bash_profile or any other user startup file.

To change it for whole system, we can change the value in /etc/profile(recommended) or any other system startup file.

[root@nglinux ~]# cat /etc/profile | grep -i umask
# By default, we want umask to get set. This sets it for login shell
    umask 002
    umask 022
[root@nglinux ~]# 
0 0 votes
Article Rating
Notify of

1 Comment
Oldest Most Voted
Inline Feedbacks
View all comments
6 years ago

Nice explanation..